MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7fe42426794ca9703e5fe5f080428058d8ada7b0c78913e44f5da74a9debf305. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7fe42426794ca9703e5fe5f080428058d8ada7b0c78913e44f5da74a9debf305
SHA3-384 hash: 7e4fd01b8a5d056bfbfd13c07fc1ee02dfcc847125a3b1cc74c83c22cedbc3fa5e206ac524ace07d5970c161cda79f86
SHA1 hash: a0d97806f4f452fc5ea16bec9cfc37befe5d1309
MD5 hash: c923a78e3d3da6be010578dbd7c126d1
humanhash: lake-jupiter-tennessee-magazine
File name:1MAR30_Annnnnnnnnnnnn-obf.py
Download: download sample
File size:1'013'802 bytes
First seen:2026-03-31 17:54:09 UTC
Last seen:Never
File type:
MIME type:application/x-bytecode.python
ssdeep 3072:ur8rBsnRwLynfx4ZCgYp53k/6/gBLix30An4QGUW77Zsv78M07M6un05LyODnvr5:u2
TLSH T14B258E2731A1941F6E65D2CBDF80BC6A4FC7DCD0E5A1A9EB28872ECC94C10D95CBD648
Magika pythonbytecode
Reporter kirkderp
Tags:py

Intelligence

File Origin
# of uploads :
1
# of downloads :
21
Origin country :
US US
Vendor Threat Intelligence
Gathering data
Detection(s):
SecuriteInfo.com.Python.Agent-YF.UNOFFICIAL
Create hunting rule

Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69cc0e016363ca5d27f047f1
Tags:
n/a
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/69cc0f67e2df9aa488c05e7d/reports/96fc8405-e215-4852-9923-39cfd4e515bd/overview
Verdict:
Malicious
Labled as:
PYTHON/Packed.kramer
Link:
https://www.hybrid-analysis.com/sample/7fe42426794ca9703e5fe5f080428058d8ada7b0c78913e44f5da74a9debf305
Verdict:
Malicious
File Type:
pybcode
First seen:
2026-04-01T08:25:00Z UTC
Last seen:
2026-04-01T08:38:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan.Python.Kramer.gen
Link:
https://opentip.kaspersky.com/7fe42426794ca9703e5fe5f080428058d8ada7b0c78913e44f5da74a9debf305/results?tab=lookup
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7fe42426794ca9703e5fe5f080428058d8ada7b0c78913e44f5da74a9debf305/
Verdict:
Malicious
Threat:
Trojan.Python.Kramer
Link:
https://tip.neiki.dev/file/7fe42426794ca9703e5fe5f080428058d8ada7b0c78913e44f5da74a9debf305
Threat name:
Script-Python.Packed.Kramer
Create hunting rule
Status:
Malicious
First seen:
2026-03-31 17:54:29 UTC
File Type:
Binary
AV detection:
6 of 36 (16.67%)
Threat level:
  1/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=p7scijtzjsuxaps74xyiaqualdmk3j5qy6erhzcplwtuvhpl6mcq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260331-wwhz7sfy5z/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/7fe42426794ca9703e5fe5f080428058d8ada7b0c78913e44f5da74a9debf305

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments